On December 28th, a denial of service vulnerability was discovered in Ruby version 1.8.7 patch level 352 and all prior versions. Although this isn't a very easy thing to do, it may be worthwhile to upgrade your Ruby instance if you're running on an older version.

SproutCore 2.0 was renamed Ember.js last month and recently, James Harton forked the sprout-core rails gem to use the latest build. If you're looking for a front-end MVC JavaScript architecture for your web app, may be worth a look.

Andrzej Krzywda reminds us all that Rails is cool in this article, countering all of the Object Oriented programming anti-rails sentiment. His article explains why Rails isn’t actually bad, how it could be better, how what we’re doing with it could be improved, and more.

Graylog2, incase you haven't heard of it, is an open source log management solution stores your logs in ElasticSearch, uses a Java server to accept and store messages, with a Rails web interface to parse through log messages. This sounds like a great solution if you need complex log parsing locally.

Thougthbot gave us a holiday gift this season, not by giving us Giant Robots, but by evaluating the different decorator patterns in Ruby. They walk you through a bunch of approaches available to you with Ruby to address the pattern, including inheritance, module inclusion, instance extension, delegators, and more.

Our own Les Hill created a ruby gem over the Christmas break called hogan_assets. It uses Twitter's recently released Mustache compiler hogan.js to do all the pre-compiling for you in the Rails asset stack.

Presto! We go to Kathmandu to Track some elusive Spatial Data Formats with Cookies, head back to the States to meet Jenkins, and slowly stagger back while trying to pronounce Vendorer on this episode of Ruby5.